Incident Response Analyst

Infinit-O

Philippines

1-3 Years

Save

Posted 14 hours ago
Be among the first 10 applicants

Early Applicant

Job Description

Infinit-O isn't just about business process optimization, we're about people. For over 20 years, we've been helping some of the world's fastest-growing companies in Financial Services, Healthcare, and Technology achieve multiple strategic advantages through data-driven solutions, high-performance teams, and cutting-edge technology. Our world-class Net Promoter Score of 75 reflects our commitment to excellence and client satisfaction.

But what truly sets us apart is our culture. At Infinit-O, we believe that diversity, equity, and inclusion are the foundation of innovation and sustainable growth. We embrace differences, empower perspectives, and create equal opportunities for everyone. Our people-first approach has earned us the Great Place To Work Certification three times, and as a B Corp Certified company, we're dedicated to making a positive impact not just in business, but in the communities we serve.

With a highly engaged and innovative team, we don't just optimize processes, we also create meaningful change.

Key Responsibilities:

SIEM Alert Validation: Monitor Jira/BlinkOps for alerts pertaining to: Identity issues, compromised passwords, impossible travel, travel to restricted countries, Superadmin creation in Okta, Admin created in SentinelOne, Google admin account activity (creation/deletion), Splunk data deletion, HoneyCred access in Keeper, and suspected malicious access by Okta, Google, and other systems.
Investigation: Perform manual investigation (running searches in Splunk, SentinelOne, and Client apps) to confirm alert details, determine False Positive/True Positive status, and engage the on-call IR lead.
Manual IR Escalation: Identify True Positive events and provide the IR team with a handoff summary including impacted users, systems, and IP information.

Minimum Qualifications

Bachelor's Degree in IT, Computer Science or similar
At least 1-2 years of experience in a similar role
Alert Triage: Able to investigate alerts through log entries and reconstruct user/system activity.
SIEM Navigation: Competency in querying logs (training provided as needed).
EDR Navigation: Ability to search SentinelOne to identify specific activity related to alerts.
Communication: Ability to write clear summaries in Jira and PagerDuty.
Escalation: Ability to escalate True Positives to IR through PagerDuty.
Continuous improvement mindset
Accountability and results orientation